[Fedora-directory-users] TLS trace: SSL3 alert write:fatal:unknown CA
Jeff Gamsby
JFGamsby at lbl.gov
Sat Jun 3 00:48:00 UTC 2006
Jeff Gamsby
Center for X-Ray Optics
Lawrence Berkeley National Laboratory
(510) 486-7783
Richard Megginson wrote:
> Jeff Gamsby wrote:
>>
>> Jeff Gamsby
>> Center for X-Ray Optics
>> Lawrence Berkeley National Laboratory
>> (510) 486-7783
>>
>>
>>
>> Richard Megginson wrote:
>>> Jeff Gamsby wrote:
>>>>
>>>> Jeff Gamsby
>>>> Center for X-Ray Optics
>>>> Lawrence Berkeley National Laboratory
>>>> (510) 486-7783
>>>>
>>>>
>>>>
>>>> Richard Megginson wrote:
>>>>> Jeff Gamsby wrote:
>>>>>>
>>>>>> Jeff Gamsby
>>>>>> Center for X-Ray Optics
>>>>>> Lawrence Berkeley National Laboratory
>>>>>> (510) 486-7783
>>>>>>
>>>>>>
>>>>>>
>>>>>> Richard Megginson wrote:
>>>>>>> Jeff Gamsby wrote:
>>>>>>>>
>>>>>>>> Jeff Gamsby
>>>>>>>> Center for X-Ray Optics
>>>>>>>> Lawrence Berkeley National Laboratory
>>>>>>>> (510) 486-7783
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Richard Megginson wrote:
>>>>>>>>> Jeff Gamsby wrote:
>>>>>>>>>> I blew away the server and installed a new one, then I used
>>>>>>>>>> the setupssl.sh script to setup SSL. The script completed
>>>>>>>>>> successfully, and the server is listening on port 636, but
>>>>>>>>>> I'm back to a familiar error:
>>>>>>>>>>
>>>>>>>>>> ldapsearch -x -ZZ -d -1
>>>>>>>>>>
>>>>>>>>>> TLS trace: SSL_connect:SSLv3 read server hello A
>>>>>>>>>> TLS certificate verification: depth: 1, err: 19, subject:
>>>>>>>>>> /CN=CAcert, issuer: /CN=CAcert
>>>>>>>>>> TLS certificate verification: Error, self signed certificate
>>>>>>>>>> in certificate chain
>>>>>>>>>> tls_write: want=7, written=7
>>>>>>>>>> 0000: 15 03 01 00 02 02 30
>>>>>>>>>> ......0 TLS trace: SSL3 alert write:fatal:unknown CA
>>>>>>>>>> TLS trace: SSL_connect:error in SSLv3 read server certificate B
>>>>>>>>>> TLS trace: SSL_connect:error in SSLv3 read server certificate B
>>>>>>>>>> TLS: can't connect.
>>>>>>>>>> ldap_perror
>>>>>>>>>> ldap_start_tls: Connect error (-11)
>>>>>>>>>> additional info: error:14090086:SSL
>>>>>>>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>>>>>>>>>>
>>>>>>>>>> Shouldn't CN=CAcert be cn=fqdn?
>>>>>>>>> No, no hostname validation is done on the CA cert, only on the
>>>>>>>>> LDAP server cert.
>>>>>>>>>
>>>>>>>>> Did you configure openldap to use the new CA cert?
>>>>>>>>> http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients
>>>>>>>>>
>>>>>>>>
>>>>>>>> Yes.
>>>>>>>>
>>>>>>>> This is what the access log says
>>>>>>>>
>>>>>>>> [02/Jun/2006:14:58:41 -0700] conn=2 op=462 RESULT err=0 tag=101
>>>>>>>> nentries=0 etime=0
>>>>>>>> [02/Jun/2006:14:58:47 -0700] conn=124 fd=68 slot=68 connection
>>>>>>>> from 127.0.0.1 to 127.0.0.1
>>>>>>>> [02/Jun/2006:14:58:47 -0700] conn=124 op=0 EXT
>>>>>>>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>>>>>>>> [02/Jun/2006:14:58:47 -0700] conn=124 op=0 RESULT err=0 tag=120
>>>>>>>> nentries=0 etime=0
>>>>>>>> [02/Jun/2006:14:58:47 -0700] conn=124 op=-1 fd=68 closed - Peer
>>>>>>>> does not recognize and trust the CA that issued your certificate.
>>>>>>>
>>>>>>> This means that the CA cert that /etc/openldap/ldap.conf is
>>>>>>> using is not the cert of the CA that issued the Fedora DS server
>>>>>>> cert.
>>>>>> OK. I had the old cert in there.
>>>>>>
>>>>>> I followed the instructions and did a
>>>>>>
>>>>>> cp cacert.asc /etc/openldap/cacerts/`openssl x509 -noout -hash
>>>>>> -in cacert.asc`.0
>>>>>>
>>>>>> and set TLS_CACERT to /etc/openldap/cacerts/cacert.asc. I still
>>>>>> get the same error
>>>>> But does the file /etc/openldap/cacerts/cacert.asc exist? If not,
>>>>> you need to copy that file in there. I guess the docs are not
>>>>> explicit enough - if you use TLS_CACERTDIR, you must have the file
>>>>> <hash>.0 in the cacerts directory. If you use TLS_CACERT, you
>>>>> must have the file /etc/openldap/cacerts/cacert.asc.
>>>>
>>>> It does exist, and I'm using TLS_CACERT
>>>> /etc/openldap/cacerts/cacert.asc
>>>>
>>>> Same error.
>>>> [02/Jun/2006:15:34:53 -0700] conn=30 fd=68 slot=68 connection from
>>>> 127.0.0.1 to 127.0.0.1
>>>> [02/Jun/2006:15:34:53 -0700] conn=30 op=0 EXT
>>>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>>>> [02/Jun/2006:15:34:53 -0700] conn=30 op=0 RESULT err=0 tag=120
>>>> nentries=0 etime=0
>>>> [02/Jun/2006:15:34:53 -0700] conn=30 op=-1 fd=68 closed - Peer does
>>>> not recognize and trust the CA that issued your certificate.
>>>>
>>>> I also put the same info in /etc/ldap.conf
>>> That file is only used by pam_ldap and nss_ldap, so it shouldn't
>>> matter.
>>>>
>>>> Also, here are the certs
>>>>
>>>> ../shared/bin/certutil -L -P slapd-server- -d .
>>>> CA certificate CTu,u,u
>>>> server-cert u,u,u
>>>> Server-Cert u,u,u
>>>>
>>>> Does that look right?
>>> Try this:
>>> ../shared/bin/certutil -L -P slapd-server- -d . -n "CA certificate"
>>> -a > mycacert.asc
>>>
>>> diff mycacert.asc /etc/openldap/cacerts/cacert.asc
>>>
>>> If they are the same, then CA certificate is not the cert of the CA
>>> that issued Server-Cert.
>>
>> They are the same.
>>
>> I'm not sure that I understand.
> I'm not sure I understand what's going on either, but the message
> "Peer does not recognize and trust the CA that issued your
> certificate." means that ldapsearch did not verify your LDAP server
> certificate (Server-Cert). This is usually due to one or both of the
> following:
> 1) The value of the cn attribute in the leftmost RDN of the subjectDN
> in the LDAP server cert is not the fqdn of the LDAP server host, or
> the client cannot resolve it.
> 2) The /etc/openldap/cacerts/cacert.asc CA cert is not the cert of the
> CA that issued the LDAP server certificate (Server-Cert)
>
> I'm not sure which one it is. You might try dumping out the server
> certificate (../shared/bin/certutil -L -P slapd-server- -d . -n
> "Server-Cert" -a > fdscert.pem) and using openssl to verify the cert e.g.
> openssl verify -CAfile /etc/openldap/cacerts/cacert.asc fdscert.pem
>
> If you get an error, this means that the CA whose cert is
> /etc/openldap/cacerts/cacert.asc did not issue the fedora ds server
> certificate.
I get fdscert.pem: OK
>>
>>>>
>>>>>>
>>>>>> [02/Jun/2006:15:24:47 -0700] conn=10 fd=67 slot=67 connection
>>>>>> from 127.0.0.1 to 127.0.0.1
>>>>>> [02/Jun/2006:15:24:47 -0700] conn=10 op=0 EXT
>>>>>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>>>>>> [02/Jun/2006:15:24:47 -0700] conn=10 op=0 RESULT err=0 tag=120
>>>>>> nentries=0 etime=0
>>>>>> [02/Jun/2006:15:24:47 -0700] conn=10 op=-1 fd=67 closed - Peer
>>>>>> does not recognize and trust the CA that issued your certificate.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> This is all that the errors log says
>>>>>>>>> How about the access log?
>>>>>>>>>>
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - No symmetric key found for
>>>>>>>>>> cipher AES in backend userRoot, attempting to create one...
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - Key for cipher AES
>>>>>>>>>> successfully generated and stored
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - No symmetric key found for
>>>>>>>>>> cipher 3DES in backend userRoot, attempting to create one...
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - Key for cipher 3DES
>>>>>>>>>> successfully generated and stored
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - No symmetric key found for
>>>>>>>>>> cipher AES in backend NetscapeRoot, attempting to create one...
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - Key for cipher AES
>>>>>>>>>> successfully generated and stored
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - No symmetric key found for
>>>>>>>>>> cipher 3DES in backend NetscapeRoot, attempting to create one...
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - Key for cipher 3DES
>>>>>>>>>> successfully generated and stored
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - slapd started. Listening on
>>>>>>>>>> All Interfaces port 389 for LDAP requests
>>>>>>>>>> [02/Jun/2006:14:21:01 -0700] - Listening on All Interfaces
>>>>>>>>>> port 636 for LDAPS requests
>>>>>>>>>>
>>>>>>>>>> Thanks for your help
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Jeff Gamsby
>>>>>>>>>> Center for X-Ray Optics
>>>>>>>>>> Lawrence Berkeley National Laboratory
>>>>>>>>>> (510) 486-7783
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Richard Megginson wrote:
>>>>>>>>>>> Jeff Gamsby wrote:
>>>>>>>>>>>> OK, now I have a different error.
>>>>>>>>>>>>
>>>>>>>>>>>> I ran ../shared/bin/certutil -A -n cert-name -t "C,C,C" -i
>>>>>>>>>>>> /etc/certs/ca-cert.pem -P slapd-server- -d .
>>>>>>>>>>>>
>>>>>>>>>>>> and
>>>>>>>>>>>>
>>>>>>>>>>>> ln -s ca-cert.pem `openssl x509 -noout -hash -in
>>>>>>>>>>>> ca-cert.pem`.0
>>>>>>>>>>>>
>>>>>>>>>>>> Now, I get this error:
>>>>>>>>>>>>
>>>>>>>>>>>> TLS: can't connect.
>>>>>>>>>>>> ldap_perror
>>>>>>>>>>>> ldap_start_tls: Connect error (-11)
>>>>>>>>>>>> additional info: Start TLS request accepted.Server
>>>>>>>>>>>> willing to negotiate SSL.
>>>>>>>>>>> What OS and version are you running? RHEL3
>>>>>>>>>>> /etc/openldap/ldap.conf does not like the TLS_CACERTDIR
>>>>>>>>>>> directive - you must use the TLS_CACERT directive with the
>>>>>>>>>>> full path and filename of the cacert.pem file (e.g.
>>>>>>>>>>> /etc/openldap/cacerts/cacert.pem). What does it say in the
>>>>>>>>>>> fedora ds access and error log for this request?
>>>>>>>>>>>
>>>>>>>>>>> For a successful startTLS request with ldapsearch, you
>>>>>>>>>>> should see something like the following in your fedora ds
>>>>>>>>>>> access log:
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 fd=64 slot=64
>>>>>>>>>>> connection from 127.0.0.1 to 127.0.0.1
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=0 EXT
>>>>>>>>>>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=0 RESULT err=0
>>>>>>>>>>> tag=120 nentries=0 etime=0
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 SSL 256-bit AES
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=1 BIND dn=""
>>>>>>>>>>> method=128 version=3
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=1 RESULT err=0
>>>>>>>>>>> tag=97 nentries=0 etime=0 dn=""
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=2 SRCH
>>>>>>>>>>> base="dc=example,dc=com" scope=0 filter="(objectClass=*)"
>>>>>>>>>>> attrs=ALL
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=2 RESULT err=0
>>>>>>>>>>> tag=101 nentries=1 etime=0
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=3 UNBIND
>>>>>>>>>>> [02/Jun/2006:15:31:48 -0600] conn=11 op=3 fd=64 closed - U1
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Jeff Gamsby
>>>>>>>>>>>> Center for X-Ray Optics
>>>>>>>>>>>> Lawrence Berkeley National Laboratory
>>>>>>>>>>>> (510) 486-7783
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Richard Megginson wrote:
>>>>>>>>>>>>> Jeff Gamsby wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Jeff Gamsby
>>>>>>>>>>>>>> Center for X-Ray Optics
>>>>>>>>>>>>>> Lawrence Berkeley National Laboratory
>>>>>>>>>>>>>> (510) 486-7783
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Richard Megginson wrote:
>>>>>>>>>>>>>>> Jeff Gamsby wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Jeff Gamsby
>>>>>>>>>>>>>>>> Center for X-Ray Optics
>>>>>>>>>>>>>>>> Lawrence Berkeley National Laboratory
>>>>>>>>>>>>>>>> (510) 486-7783
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Richard Megginson wrote:
>>>>>>>>>>>>>>>>> Jeff Gamsby wrote:
>>>>>>>>>>>>>>>>>> I am trying to get FDS 1.0.2 working in SSL mode. I
>>>>>>>>>>>>>>>>>> am using a OpenSSL CA, I have installed the Server
>>>>>>>>>>>>>>>>>> Cert and the CA Cert, can start FDS in SSL mode, but
>>>>>>>>>>>>>>>>>> when I run
>>>>>>>>>>>>>>>>>> ldapsearch -x -ZZ I get TLS trace: SSL3 alert
>>>>>>>>>>>>>>>>>> write:fatal:unknown CA.
>>>>>>>>>>>>>>>>> Did you follow this -
>>>>>>>>>>>>>>>>> http://directory.fedora.redhat.com/wiki/Howto:SSL
>>>>>>>>>>>>>>>> I did, but that didn't work for me. The only thing that
>>>>>>>>>>>>>>>> I did this time was generate a request from the "Manage
>>>>>>>>>>>>>>>> Certificates", sign the request using my OpenSSL CA,
>>>>>>>>>>>>>>>> and install the Server and CA Certs. Then I turned on
>>>>>>>>>>>>>>>> SSL in the Admin console, and restarted the server.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> When I followed the instructions from the link, I
>>>>>>>>>>>>>>>> couldn't even get FDS to start in SSL mode.
>>>>>>>>>>>>>>> One problem may be that ldapsearch is trying to verify
>>>>>>>>>>>>>>> the hostname in your server cert, which is the value of
>>>>>>>>>>>>>>> the cn attribute in the leftmost RDN in your server
>>>>>>>>>>>>>>> cert's subject DN. What is the subject DN of your
>>>>>>>>>>>>>>> server cert? You can use certutil -L -n Server-Cert as
>>>>>>>>>>>>>>> specified in the Howto:SSL to print your cert.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Sorry. I missed the -P option.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> running ../shared/bin/certutil -L -d . -P slapd-server-
>>>>>>>>>>>>>> -n "server-cert" returns the Subject *CN* as FQDN of FDS
>>>>>>>>>>>>>> and OpenSSL CA host (ran on same machine)
>>>>>>>>>>>>> Hmm - try ldapsearch with the -v (or -d?) option to get
>>>>>>>>>>>>> some debugging info.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> In /etc/ldap.conf, I have put in
>>>>>>>>>>>>>>>>>> TLS_CACERT /path/to/cert
>>>>>>>>>>>>>>>>> Is this the same /path/to/cacert.pem as below?
>>>>>>>>>>>>>>>> Yes
>>>>>>>>>>>>>>>>>> TLSREQCERT allow
>>>>>>>>>>>>>>>>>> ssl on
>>>>>>>>>>>>>>>>>> ssl start_tls
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> If I run
>>>>>>>>>>>>>>>>>> openssl s_client -connect localhost:636 -showcerts
>>>>>>>>>>>>>>>>>> -state -CAfile /path/to/cacert.pem
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> It looks OK
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Please help
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> --
>>>>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>>>>>
>>>>>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Fedora-directory-users mailing list
>>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Fedora-directory-users mailing list
>>>>>>>> Fedora-directory-users at redhat.com
>>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>> ------------------------------------------------------------------------
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Fedora-directory-users mailing list
>>>>>>> Fedora-directory-users at redhat.com
>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Fedora-directory-users mailing list
>>>>>> Fedora-directory-users at redhat.com
>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>>
>>>>> --
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users at redhat.com
>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>> ------------------------------------------------------------------------
>>>
>>>
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
More information about the Fedora-directory-users
mailing list